Cryptocurrencies: watch out for these fake wallets that steal your money
When it was created in 2009, not many people would have bet on the success of Bitcoin. This virtual currency based on the famous blockchain was a curiosity for many, almost a game with mining that was reserved for geeks interested in this obscure principle. A decentralized exchange of monetary value? Yes, if you say so, why not. Other cryptocurrencies, such as Ethereum, were then created and the faith of buyers in this system made it explode the course. Result 13 years later? Everyone tears them off and dreams of making a fortune thanks to her. Direct consequence: the pirates prepare the buccaneer.
Contents
Fake apps that mimic the real ones
When do pirates sleep? Probably when their mattress is finally stuffed with good fresh banknotes stolen from right to left. It is sometimes directly in your bank accounts, others by subscribing to paid services neither seen nor known. Today, following the fashion, cybercriminals simply attack your cryptocurrencies. This is indeed what we discovered the computer security researchers of the ESET who point the finger the existence of malicious applications. These take on the appearance of some already existing ones by mimicking their interface. So you think you’re putting your money in a safe digital wallet like Coinbase, Trust Wallet or OneKey, but that’s not the case. Legal-looking sites have been opened and redirect you to links to download infected apps running on both Android and iOS.
Also read: Bitcoin & cryptocurrencies for everyone with Coinhouse?
Those who live there, stole the key
Where hackers have done very well is that they have, as ESET experts explain, developed the fake apps using the code of the real ones. Thus, they really look larger than life and look like two drops of water to their models. We then understand how easy it can be to be fooled. Where they differ is that they contain of course a Trojan horse.
This is a sophisticated attack vector since the malware author performed a thorough analysis of legitimate applications
Once installed, the software can recover the private key of your digital wallet. Composed of a recovery phrase of 12 or 24 words, it is this that can unlock the assets and unblock the transfer. Once in the hands of criminals, they just have to help themselves. No less than 13 malicious applications posing as Jaxx Liberty have also been spotted on the Play Store. To properly propagate their scam, the scoundrels were very present on many Facebook and Telegram groups dedicated to cryptocurrencies. There they advertised the digital wallets by sharing the links that led to the fake apps.
These fake crypto wallets want to steal from iPhone and Android users
Researchers at @ESET detail a malware campaign going after cryptocurrency.https://t.co/N74qK5CVJA via @ZDNet
— Danny Palmer (@dannyjpalmer) March 25, 2022
A few tips…
We therefore invite you to be very careful when downloading this type of application. First, only use the official website of your platform to download the corresponding mobile app. A Coinbase customer would be well advised to look for the app link…At Coinbase. Makes sense, but okay. If you absolutely want to go through the Play Store, do not hesitate to inform yourself by looking at user ratings and reading reviews to be sure that it is the official wallet or the one you are looking for. Do not trust someone who will advise you on this or that app by sending you a link to an APK file and above all, do not enter your recovery phrase in an app that is not 100% secure. You can also read our Jaxx Liberty software wallet test. For our part, we can only advise you Metamask which remains, to this day and in our eyes, the best free secure solution to keep your cryptocurrencies warm while giving the possibility of paying, getting paid and even making exchanges. For the more cautious, the Ledger Nano hardware wallet is the most secure solution, but it will cost 60 or 150 € depending on the model. It’s a sum, but if you have several thousand euros of cryptocurrency, it’s a good investment…